Re: [PATCH] powerpc/fadump: reject empty bootargs_append writes

Next message: Benjamin Block: "Re: [PATCH] s390/debug: reject zero-length input before trimming a newline"
Previous message: Ronald Claveau: "Re: [PATCH v2 1/8] dt-bindings: mfd: khadas: Add new compatible for Khadas VIM4 MCU"
In reply to: Christophe Leroy (CS GROUP): "Re: [PATCH] powerpc/fadump: reject empty bootargs_append writes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sourabh Jain

Date: Fri Apr 17 2026 - 05:41:53 EST

On 17/04/26 13:09, Pengpeng Hou wrote:

bootargs_append_store() indexes params[count - 1] when stripping a
trailing newline from the sysfs write buffer.

kernfs passes zero-length writes through to the store callback, so an
empty write makes that newline check read before the start of params.

Reject empty writes before looking at the last input byte.

Fixes: 683eab94da75 ("powerpc/fadump: setup additional parameters for dump capture kernel")
Cc: stable@xxxxxxxxxxxxxxx

Signed-off-by: Pengpeng Hou <pengpeng@xxxxxxxxxxx>
---
arch/powerpc/kernel/fadump.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/arch/powerpc/kernel/fadump.c b/arch/powerpc/kernel/fadump.c
index 4ebc333dd786..03ab5565e420 100644
--- a/arch/powerpc/kernel/fadump.c
+++ b/arch/powerpc/kernel/fadump.c
@@ -1479,6 +1479,9 @@ static ssize_t bootargs_append_store(struct kobject *kobj,
if (!fw_dump.fadump_enabled || fw_dump.dump_active)
return -EPERM;
+ if (!count)
+ return -EINVAL;

How you manage to call this function with count as 0?

+
if (count >= COMMAND_LINE_SIZE)
return -EINVAL;